home

vcop2.exe

Get your downloads

Maxiget Limited

This is part of a bundled installer which provides applications with offers for additional 3rd party software, mostly unwanted adware, and may be installed with minimal consent. The application vcop2.exe by Maxiget Limited has been detected as adware by 4 anti-malware scanners. The file has been seen being downloaded from ds212.maxiget.com and multiple other hosts.
Publisher:
Company #1  (signed by Maxiget Limited)

Product:
Get your downloads

Version:
3, 1, 28, 0

MD5:
031587c5d012413dbc8ae124cc26f932

SHA-1:
3ffc78b45cb456b0bf959b9a077a74d85313293e

SHA-256:
cb416222d4c41dc7eaebbfbd90a604f4fb07dcc6c10858c0f654b7121df076bf

Scanner detections:
4 / 68

Status:
Adware

Explanation:
This is a modified installer version of the software and bundles additional offers including adware.

Analysis date:
4/18/2024 11:38:10 AM UTC  (today)

Scan engine
Detection
Engine version

AhnLab V3 Security
PUP/Win32.Downloader
2014.01.28

Comodo Security
Application.Win32.Graftor.KLK
17683

Reason Heuristics
PUP.New IT Limited.Maxiget
15.6.16.8

Sophos
4Share Downloader
4.97

File size:
311.9 KB (319,408 bytes)

Product version:
3, 1, 28, 0

Copyright:
Copyright (C) 2013

Trademarks:
TM(c)

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Common path:
C:\users\{user}\downloads\compressed\vcop2.exe

Digital Signature
Signed by:
Maxiget Limited

Authority:
GoDaddy.com, Inc.

Valid from:
8/15/2013 1:41:32 PM

Valid to:
8/15/2016 1:41:32 PM

Subject:
CN=Maxiget Limited, O=Maxiget Limited, L=Limassol, S=Cyprus, C=CY

Issuer:
SERIALNUMBER=07969287, CN=Go Daddy Secure Certification Authority, OU=http://certificates.godaddy.com/repository, O="GoDaddy.com, Inc.", L=Scottsdale, S=Arizona, C=US

Serial number:
045BA815265145

File PE Metadata
Compilation timestamp:
1/17/2014 10:47:51 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
3072:i89fYKACMR9bQGArMaOo5FfYN+dc4CcGo+olLlTBiZ4jcXE3+4+zvFHPvqo2:vf9/rMalCcp/kZVES5H

Entry address:
0x25E61

Entry point:
E8, 5C, 89, 00, 00, E9, 78, FE, FF, FF, CC, CC, CC, CC, CC, 8B, 4C, 24, 04, F7, C1, 03, 00, 00, 00, 74, 24, 8A, 01, 83, C1, 01, 84, C0, 74, 4E, F7, C1, 03, 00, 00, 00, 75, EF, 05, 00, 00, 00, 00, 8D, A4, 24, 00, 00, 00, 00, 8D, A4, 24, 00, 00, 00, 00, 8B, 01, BA, FF, FE, FE, 7E, 03, D0, 83, F0, FF, 33, C2, 83, C1, 04, A9, 00, 01, 01, 81, 74, E8, 8B, 41, FC, 84, C0, 74, 32, 84, E4, 74, 24, A9, 00, 00, FF, 00, 74, 13, A9, 00, 00, 00, FF, 74, 02, EB, CD, 8D, 41, FF, 8B, 4C, 24, 04, 2B, C1, C3, 8D, 41, FE, 8B...
 
[+]

Entropy:
6.3664

Code size:
224 KB (229,376 bytes)

The file vcop2.exe has been seen being distributed by the following 14 URLs.

http://ds212.maxiget.com/.../SaveAs.exe

http://ds212.maxiget.com/.../04 ??????? (Tonight) - Scrubb.exe

http://ds212.maxiget.com/.../RA 2-Yuri(Full).exe

http://ds212.maxiget.com/.../12.???????????.exe

http://ds212.maxiget.com/.../Lmfao_-_Rock_Party_Anthem.exe

http://ds212.maxiget.com/.../????????(?? ?????????).exe

http://ds212.maxiget.com/.../????????? ??.exe

http://ds212.maxiget.com/.../Rain - Why (Ost. Full House).exe

http://ds212.maxiget.com/.../01 - ??????? - ?? ??????...?????????? (320KBpS).exe

http://ds212.maxiget.com/.../??????? ????? - ????????????????.exe

http://ds212.maxiget.com/.../??????.exe

http://ds212.maxiget.com/.../backpack-1.8.9-1.5.2.exe

http://ds212.maxiget.com/.../VIDEO_PLAYER_UPGRADE.exe

http://ds212.maxiget.com/.../??? ????.exe

Remove vcop2.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.